Commitments
Commitment Schemes
Many cryptographic protocols rely on commitment schemes, which are essential components. A commitment scheme enables a committer to generate and disclose a value, denoted as:
, also known as a commitment, that ties them to a message (binding) without disclosing the message to others (hiding or zero-knowledge). Subsequently, the committer can disclose the commitment by presenting a message to the public, which she asserts corresponds (completely or partially) to the concealed message linked with the commitment . A public verifier can then verify that the message β aligns with the commitment , derived from the hidden message , which was previously unknown to the verifier.
Commitment schemes can be categorized according to their mathematical structure or type of message which may comprise multiple components and structures, including sets, vectors, functions, and more. For example, here below are some of the types of commitment schemes:
For a single message , only a hash function can serve as the commitment primitive (e.g., SHA256, Keccak, Poseidon).
Last updated